Speaking as a member of the community and not as a ‘ForgeRocker’ this is my personal opinion.
I think the article your friend has written raises some of the age old concerns that have been with us since the internet was created. I also firmly belive that the internet is all about sharing. Now in some instances there is very good reason to be specific regarding who you share with, i.e. to limit sharing, and that is where I think ForgeRock has a compelling and realistic vision.
The article focuses very much on Consumer IoT where sharing and data collection can be easily made to look sinister or scary in a ‘1984’ kind of a way, but ultimately it is what companies do with the collected data that makes it a force for liberation or a privacy concern. However, if we frame the argument in terms of the industrial IoT then it becomes far less emotive. One can see that understanding the underlying patterns in data generated by a city or an industrial plant can be used to drive efficiency and innovation or to set targets. We can also see that protection and control over who can gain access to control points and generated data is absolutely key.
Regarding privacy, there is already the User Managed Access (UMA) initiative. UMA can address several of the privacy and access concerns described in the article referred. There are also some things that will need to change from the legal perspective, because at this moment the manufacturer of a “connected product” takes for granted that the data collected belongs to them, when it should belong to the user of the product. The manufacturer collecting data in the cloud could be the custodian of the data but not the owner, or not the owner of all the data. The user should have the right to decide what data he/she wants to share, and with whom. That’s precisely one of the problems that UMA addresses.
The click “I agree” (and implicitly grant access to all my data) or “Go away” Terms and Conditions will need to evolve, but as I mentioned above the legal framework needs to change, and that might take time.
Take a look to the OpenUMA project in the ForgeRock community.
ForgeRock builds secure relationships across the modern Web including cloud, social, mobile, and enterprise environments. ForgeRock can extend identities to any “thing” connected to the Internet. We support mission-critical operations with a fully open source platform.
Our customers are recognized market leaders such as GEICO, salesforce.com, Thomson Reuters, McKesson, and Vantiv, as well as governments building out
online services for their citizens, such as the Government of Norway.